The goal of this project is to deploy Knative on CoCo and run some baseline benchmarks.
All instructions in this repository assume that you have checked-out the source code, and have activated the python virtual environment:
source ./bin/workon.sh
# List available tasks
inv -lYou will need CoCo's fork of containerd built and running. To this extent you may run:
inv containerd.build
inv containerd.installYou also need all the kubernetes-related tooling: kubectl, kubeadm, and
kubelet:
inv k8s.install [--clean]You may also want to install k9s, a kubernetes monitoring tool:
inv k9s.installDeploy a (single-node) kubernetes cluster using kubeadm:
inv kubeadm.createSecond, install both the operator and the CC runtime from the upstream tag.
We currently pin to version v0.7.0 (see the COCO_RELEASE_VERSION variable).
inv operator.install
inv operator.install-cc-runtimeThird, update the initrd file to include our patched kata-agent:
inv kata.replace-agentif it is the first time, you will have to manually build the agent following these instructions.
Then, you are ready to run one of the supported apps:
- Hello World! (Py) - simple HTTP server running in Python to test CoCo and Kata.
- Hello World! (Knative) - same app as before, but invoked over Knatvie.
- Hello Attested World! (Knative + Attestation) - same setting as the Knative hello world, but with varying levels of attestation configured.
If your app uses Knative, you will have to install it first:
inv knative.installIn order to uninstall components for debugging purposes, you may un-install the CoCo runtime, and then the operator as follows:
inv operator.uninstall-cc-runtime
inv operator.uninstallLastly, you can completely remove the k8s cluster by running:
inv kubeadm.destroyFor further documentation, you may want to check these other documents:
- K8s - documentation about configuring a single-node Kubernetes cluster.
- Kata - instructions to build our custom Kata fork and
initrdimages. - Knative - documentation about Knative, our serverless runtime of choice.
- SEV - speicifc documentation to get the project working with AMD SEV machines.
- Troubleshooting - tips to debug when things go sideways.